Digitally Signing a SOAP Message
Web Services Enhancements (WSE) enables .NET Framework clients and Web services created using ASP.NET to digitally sign SOAP messages. When digitally signed using an XML digital signature, SOAP messages can be cryptographically verified to be unaltered since they were signed. Digitally signing a SOAP message allows a recipient to cryptographically verify that the message has not been altered since it was signed. When WSE is configured on the SOAP recipient's computer, WSE automatically verifies the signature.
Although the XML digital signature does offer a mechanism for verifying the message has not been altered since it was signed, it does not encrypt the SOAP message; the message is still plain text in XML format. Once the SOAP message is digitally signed, it can be encrypted, however. For details about encrypting SOAP messages, see How to: Encrypt a SOAP Message.
Supported Security Tokens
The following table lists the security tokens that can be used to digitally sign SOAP messages and the step-by-step procedures for doing so.
|Security Token||Step-by-step procedure|
User name and password (UsernameToken)
Security context token
Custom security token